Jerry Vonau wrote:
Hi All:
I'm not subscribed to the list, please cc me on any replies please.
While playing around with the latest fedora, think I found an issue with
a netfilter module. I run my boxes with ip6 disabled, you know, don't
run what is not needed. I couldn't figure out why I was seeing ipv6
addresses on my interfaces, and ipv6 module was loaded when I know that
I disabled ipv6 in modprobe.conf and sysconfig/network. For my netfilter
needs I use shorewall, which loads the module nf_nat_h323, which loads
the nf_conntrack_h323 module, and that loads ipv6! Once ipv6 is loaded,
you can't rmmod it and ipv6 addresses are assigned to the interfaces.
I've disabled the loading of those modules and the ipv6 addresses don't
occur. My question is this the intended behavior for this module?
Thanks in advance,
Jerry
Why are you so resistant to IPv6?
Addresses should only start occurring if the network the machine is
attached to is IPv6-enabled and active. When that happens ::1
(localhost, actually less dangerous than 127.0.0.1) is assigned, but
only the IPv6-connected interface gets an actual 2000::/3 public
allocation to use.
You appear to be in the perfect position to make the transition now and
painlessly. By forcibly disabling it you are making yourself come back a
a few months and re-enable it all piece-by-piece.
You would do better to leave it, and just configure the FW through
ip6tables.
Amos
-
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
